Issue

Sigma Server fails shortly after startup. This issue occurs on a machine where anti-virus software is also installed.

Symptoms

• Sigma services fail to start.
• Windows Event Viewer logs show Sigma service failure.
• Anti-virus logs may show Sigma files as quarantined or deleted.

Product Line

Environment

Satchwell Sigma

Cause

The Sigma Server previously operated normally but now crashes consistently upon startup. This is typically due to a recent update to the anti-virus definitions, which may incorrectly flag a Sigma file as suspicious.

Resolution

1. Check Anti-Virus Logs:

   • Review logs to identify if any Sigma files have been quarantined or deleted.
   • Look specifically in:
     • Quarantine directory
     • Deletion logs

2. Restore or Reinstall Sigma Files:

   • If files are quarantined, restore them.
   • If files are deleted, reinstall Sigma to recover missing components.

3. Adjust Anti-Virus Settings:

   • Exclude the following directories from real-time scanning:
     • C:\Sigma\Data
     • C:\Sigma\Bin
   • Note: Coordinate with site IT for approval and implementation of exclusions.